package ibmetp.mis.controller.filter;

import ibmetp.mis.common.Constants;
import ibmetp.mis.vo.User;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;

/**
 * 过滤器
 * @author LAN DABIN
 * @create 2011-10-4
 */
public class LoginFilter implements Filter {
 
	public static boolean isContains(String container, String[] regx) {
        boolean result = false;

        for (int i = 0; i < regx.length; i++) {
              if (container.indexOf(regx[i]) != -1) {
                    return true;
              }
        }
        return result;
  }
    public FilterConfig config;
    
    
    public FilterConfig getConfig() {
		return config;
	}

	public void setConfig(FilterConfig config) {
		this.config = config;
	}
	

	public void destroy() {
		this.config=null;
	}

	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
		   System.out.println("LoginFilter.....");
		   HttpServletRequest httpreq = (HttpServletRequest) request;
		  // System.out.println("URI:"+httpreq.getRequestURI());
           HttpServletResponse httpres = (HttpServletResponse) response;

           HttpServletResponseWrapper wrapper = new HttpServletResponseWrapper(
                       (HttpServletResponse) response);
           String loginStrings = config.getInitParameter("login");//登录的uri
           String includeStrings = config.getInitParameter("include");//需要验证的uri
           String redirectPath = httpreq.getContextPath()
                       + config.getInitParameter("redirect");//重定向
           String disabletestfilter = config.getInitParameter("disable");

           if (disabletestfilter.toUpperCase().equals("Y"))//是否启动权限过滤 
           {
                 chain.doFilter(request, response);
                 return;
           }
           String[] loginList = loginStrings.split(";");
           String[] includeList = includeStrings.split(";");
           User user = (User)httpreq.getSession().getAttribute("userinfo");
           System.out.println(httpreq.getRequestURI());
         //  System.out.println(httpreq.getRequestURL());
           
           if (user == null) {
                 if (!this.isContains(httpreq.getRequestURI(), includeList)) {
                       chain.doFilter(request, response);
                       return;
                 }
                 if (this.isContains(httpreq.getRequestURI(), loginList)) {
                       chain.doFilter(request, response);
                       return;
                 }
                 wrapper.sendRedirect(redirectPath);

           } else {
        	    
        	   //userinfo 的资源列表是否含有httpreq.getRequestURI();
         if(user.hasResource(httpreq.getRequestURI()))   
        	                 chain.doFilter(request, response);
        	
        	
        	 else  {
        		 if (!this.isContains(httpreq.getRequestURI(), includeList)) {
                     chain.doFilter(request, response);
                     return;
               }
               if (this.isContains(httpreq.getRequestURI(), loginList)) {
                     chain.doFilter(request, response);
                     return;
               }
        		 System.out.println("not hit："+httpreq.getRequestURI());
        		 response.setContentType(Constants.ENCODING_UTF8);
        		 response.getWriter().println("<html><h>Sorry,You Have Not Permission!</th></h>");
        		
        		//wrapper.getResponse().getWriter().println("你没有权限");
        	 
        	 
        	 }
        	    //wrapper.sendRedirect("/MIS/manage/index.jsp");
           }
	}


	public void init(FilterConfig filterConfig) throws ServletException {
		   this.config = filterConfig;
	}

}
